Who we are
Puzzlebrains is not registered as a company; we are a membership organisation.
Our website address is: https://puzzlebrains.com
What personal data we collect and why we collect it
In order to provide the services of this site (such as puzzle answer checking), we require the creation of a user account. This account stores details such as a username and email address, and also records purchase information and similar data. It does not store any financial details of any kind. By creating an account, you accept that puzzlebrains.com may contact you via email to enable facilities such as account verification and purchase confirmation. Your email address will not be used for any other purpose other than these routine administrative contacts.
When you log in, we will also set up a single cookie (small data file) to save your login information and your screen display choices. Login cookies last until you log out of your account, when the login cookies will be removed. A "Remember Me" feature may be implemented at some point in the future; in this case, the cookie will last for a period of three months before being removed automatically from our system. Note that some third-party cookies may also be installed on your system solely for display purposes; no personal data is transferred at any point to these third-parties.
Who we share your data with
Your data will never be shared with any other organisations for any reason unless we are obliged to disclose it for legal purposes and we will notify users if this occurs.
Pages on this site use Google fonts but no personal or identifiable data is sent to Google as part of this.
How long we retain your data
For users that register on our website, we also store the personal information they provide in their user profile; this is limited to the "username" and email address provided, and an encrypted password. We do not store or access any other information such as IP address. Website administrators can also see and edit that basic information, but cannot read the encrypted password. This information will be retained indefinitely unless you request the removal of your account; however, from time to time website administrators may delete accounts which appear to be inactive or malicious.
What rights you have over your data
If you have an account on this site, you can contact email@example.com to request an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This will usually involve removing your user account completely, but this does not include any data we are obliged to keep for administrative, legal, or security purposes. You may request the removal of your email address from your account - this may mean that future interaction with the site will be impaired, and notifications of updates will not be sent to you.
How we protect your data
We use encryption to protect your personal data. In addition, we have a secure site that means that data you send to us is also encrypted so that if it is intercepted by a third party, it will not be useful to them.
What data breach procedures we have in place
If our database is compromised, we will endeavour to contact all users to notify them of the issue. Although no sensitive data is stored on our systems, we recommend that, for example, users do not use the same password on multiple sites as a breach of one may render other accounts vulnerable.